[每日信息流] 2024-08-16

[ruohong2018]

每日安全资讯（2024-08-16）

• Twitter @Nicolas Krassas
  • Google: Iran's Charming Kitten Targets US Presidential Elections, Israeli Military https://www.darkreading.com/cyberattacks-data-breaches/google-iran-...
  • Microsoft disables BitLocker security fix, advises manual mitigation https://www.bleepingcomputer.com/news/microsoft/microsoft-disables-bitlocker-secu...
  • Ghost in the Wireless: An introduction to Airspace Analysis with Kismet https://www.blackhillsinfosec.com/an-introduction-to-airspace-analysis-with-ki...
  • Google raps Iran's APT42 for raining down spear-phishing attacks https://go.theregister.com/feed/www.theregister.com/2024/08/15/google_iran_apt42_camp...
  • SolarWinds Releases Patch for Critical Flaw in Web Help Desk Software https://thehackernews.com/2024/08/solarwinds-releases-patch-for-critical.html
  • Rhysida ransomware lays claim on Washington Times hack https://www.scmagazine.com/brief/rhysida-ransomware-lays-claim-on-washington-times-hack
  • Kimble To Be Extradited From New Zealand After 12 Year Fight With US https://packetstormsecurity.com/news/view/36220/Kimble-To-Be-Extradited-From-New-...
  • Researchers Hack Electronic Shifters With A Few Hundred Dollars Of Hardware https://packetstormsecurity.com/news/view/36224/Researchers-Hack-Electroni...
  • Every American's Social Security Number May Have Been Stolen By Hackers https://packetstormsecurity.com/news/view/36225/Every-Americans-Social-Securit...
  • Inside the "3 Billion People" National Public Data Breach https://www.reddit.com/r/netsec/comments/1est9qj/inside_the_3_billion_people_national_public...
  • RansomHub Group Deploys New EDR-Killing Tool in Latest Cyber Attacks https://thehackernews.com/2024/08/ransomhub-group-deploys-new-edr-killing.html
  • http://SCCMSecrets.py aims at exploiting SCCM policies distribution for credentials harvesting, initial access and lateral movement. https://github.co...
  • How Hackers Extracted the ‘Keys to the Kingdom’ to Clone HID Keycards https://www.wired.com/story/hid-keycard-authentication-key-vulnerability/
  • Mad Liberator extortion crew emerges on the cyber-crook scene https://go.theregister.com/feed/www.theregister.com/2024/08/15/mad_liberator_extortion/
  • Over 40 million Kakao Pay users' data somehow ended up with Alipay https://go.theregister.com/feed/www.theregister.com/2024/08/15/kakao_pay_data_leak/
  • Apple Breaks the Mold: iPhone NFC Opens to Third-Party Payments https://securityonline.info/apple-breaks-the-mold-iphone-nfc-opens-to-third-party-paym...
  • New Cyber Threat Targets Azerbaijan and Israel Diplomats, Stealing Sensitive Data https://thehackernews.com/2024/08/new-cyber-threat-targets-azerbaija...
  • GitHub Vulnerability 'ArtiPACKED' Exposes Repositories to Potential Takeover https://thehackernews.com/2024/08/github-vulnerability-artipacked-exposes...
  • Russian cyber snoops linked to massive credential-stealing campaign https://go.theregister.com/feed/www.theregister.com/2024/08/14/russias_fsb_cyber_p...
• Recent Commits to cve:main
  • Update Thu Aug 15 22:31:01 UTC 2024
  • Update Thu Aug 15 14:36:12 UTC 2024
  • Update Thu Aug 15 06:33:49 UTC 2024
• Trustwave Blog
  • Defending Healthcare: Trustwave’s Dedication to Fight Cyber Threats to Patient Safety
• Files ≈ Packet Storm
  • Debian Security Advisory 5749-1
  • LG Simple Editor 3.21.0 Command Injection
  • OpenMetadata 1.2.3 Authentication Bypass / SpEL Injection
  • Apache HugeGraph Gremlin Remote Code Execution
  • Ubuntu Security Notice USN-6961-1
  • Clam AntiVirus Toolkit 1.4.0
  • GNU Transport Layer Security Library 3.8.7.1
  • Red Hat Security Advisory 2024-5418-03
  • Red Hat Security Advisory 2024-5411-03
  • Feberr 13.4 Insecure Settings
  • Red Hat Security Advisory 2024-5410-03
  • Ubuntu Security Notice USN-6960-1
  • Farmacia Gama 1.0 Cross Site Scripting
  • Red Hat Security Advisory 2024-5406-03
  • Ecommerce 1.15 Insecure Settings
  • Red Hat Security Advisory 2024-5405-03
  • Ubuntu Security Notice USN-6951-2
  • Covid-19 Contact Tracing System 1.0 Cross Site Scripting
  • Red Hat Security Advisory 2024-5402-03
  • Red Hat Security Advisory 2024-5396-03
  • Car Rental Management System 1.0 Cross Site Scripting
  • BloodBank 1.1 Insecure Settings
  • Red Hat Security Advisory 2024-5395-03
  • Bhojon Restaurant Management System 2.9 Insecure Settings
  • FlatPress 1.3.1 Path Traversal
• bunnie's blog
  • Name that Ware, August 2024
  • Winner, Name that Ware July 2024
• 安全客-有思想的安全新媒体
  • GitHub 开源项目出现攻击媒介，多家公司受影响
  • 化学制造公司Orion在BEC骗局中损失了6000万美元
  • 新型钓鱼攻击运用恶意软件窃取高级信息
  • Gcore Radar 报告显示，2024 年上半年 DDoS 攻击数量增加了 46%
  • Microsoft 在没有宣布的情况下修补了 SmartScreen 零日漏洞
  • ISAGCA 新报告探讨了 OT 网络安全中的零信任成果
  • 印度尼西亚重大袭击事件背后的勒索软件组织戴着多重面具
  • SolarWinds 解决了所有 Web Help Desk 版本中的关键 RCE 问题
  • 微软超高危漏洞“狂躁许可”来袭！360终端安全轻松“拿捏”
  • 与 Black Basta 有关的攻击者利用 SystemBC 恶意软件攻击用户
• Security Boulevard
  • USENIX Security ’23 – TRIDENT: Towards Detecting and Mitigating Web-based Social Engineering Attacks
  • How to Align Infosec to Business Operations: Sam Curry’s Cybersecurity Playbook for Executives
  • The Hidden Cost of Click Fraud: Why Data You Can Trust, Matters
  • ReliaQuest: Watch Out for Info-Stealers and RATs
  • Thales PQC Partner Ecosystem Facilitates and Accelerates Quantum-Safe Migrations
  • The Polar Bear in Your Kitchen: A Cybersecurity Analogy
  • Randall Munroe’s XKCD ‘Celestial Event’
  • A Gap in the Armor: What Was Missing from Black Hat 2024
  • Don’t Mess With Texas Privacy: AG Sues GM for $18 BILLION
  • NIST Releases First Post-Quantum Encryption Algorithms
• obaby@mars
  • 通过 CF 自建 Docker 镜像
• 嘶吼 RoarTalk – 网络安全行业综合服务平台,4hou.com
  • XCon2024 完整日程抢先路透！循变之旅，蓄力起航~
  • 黑客泄露 27 亿条个人信息资料
  • TSCM情报库01 |TSCM圈的扛把子：REI
  • 宝藏猎人 | 从海边到深山，现实版摸金校尉
• Twitter @bytehx
  • Re @PikuHaku @yeswehack Idk why it shows €€€ , Actually it should shows €€€€.
  • Re @PikuHaku @yeswehack That is not under €1K though
• GuidePoint Security
  • GRIT Ransomware Report: July 2024
• SpiderLabs Blog
  • Trustwave Rapid Response: Windows TCP/IP RCE Vulnerability (CVE-2024-38063)
• Reusable Security
  • CMIYC 2024: RAdmin3 Challenge
• Sandfly Security Blog RSS Feed
  • Sandfly 5.1.1 - Important Performance Upgrade and Yescrypt Support
• Trail of Bits Blog
  • We wrote the code, and the code won
• FreeBuf网络安全行业门户
  • FreeBuf早报 | 2024 上半年勒索攻击洞察；更多黑客想要攻击苹果
  • 深入了解Psexec与SMBexec
  • GitHub全球宕机，微软Copilot同时瘫痪
  • Windows TCP IP RCE漏洞曝光，影响所有启用IPv6的系统
  • GitHub Actions 遭利用，14个热门开源项目令牌泄露风险激增
  • 霸王茶姬招人啦
• rtl-sdr.com
  • BSidesPGH 2024 Talk: Introduction to Software Defined Radio For Offensive and Defensive Operations
  • Easvesdropping on HDMI with TEMPESTSDR and SDRplay
• 安全牛
  • 卫星互联网频迎政策催化，细分赛道投资价值显现
• HackerNews
  • 英国一核设施曝出严重网络安全失误，已造成国家安全威胁
  • GitHub 全球宕机，微软 Copilot 同时瘫痪
  • 私自用 6000 万用户数据训练大模型，马斯克面临大规模 GDPR 诉讼
  • 零点击 Windows TCP/IP RCE 漏洞（CVE-2024-38063）会影响所有启用 IPv6 的系统，应立即修补
  • 华盛顿时报遭 Rhysida 勒索软件攻击
• 奇客Solidot–传递最新科技情报
  • 科学家发现人类在 44 岁和 60 岁时突然加剧衰老
  • Windows 11 v24H2 将默认启用 BitLocker 设备加密
  • 韦伯望远镜进一步加深了哈勃张力的争议
  • 水熊虫如何演化出超能力
  • 日本今天将解除南海海槽地震预警
  • Eric Schmidt 声称远程工作导致了 Google 在 AI 竞争中落后
  • 研究发现 94% 的商业表格包含重大错误
  • 生活在城市的鸟会传播耐药超级细菌
  • Google 宣布关闭所有俄罗斯 AdSense 账号
• 黑海洋 - WIKI
  • Final2x图像增强工具 绿色版
  • 开源 .Net 反汇编工具 dnSpy 6.5.1 + x64 中文绿色免费版
• Black Hills Information Security
  • Ghost in the Wireless: An introduction to Airspace Analysis with Kismet
• 奇安信威胁情报中心
  • 近期值得关注的IOC（2024-08-15）
  • 【8月14日获奖榜】以下网络安全专家已免费获赠阿瑞斯武器库批量查询工具
• 吾爱破解论坛
  • 记录一下一个.Net阅读器的两种破解方式
• 看雪学苑
  • Vigor3900 CVE-2021-43118 命令注入漏洞分析
  • 百度技术中台群组2025校招提前批热招中！！！
  • 允许攻击者访问本地服务，影响所有主流浏览器的“0.0.0.0 Day”漏洞已存在18年之久
  • 2024 KCTF赛况 | OverSpace战队用时13分7秒最先拿下签到题
• 安全内参
  • 巴黎奥运会期间共发生超140起网络攻击事件
  • 美国NIST正式发布首批3项后量子加密标准
• dotNet安全矩阵
  • .NET 零基础安全入门必备学习社区
  • .NET 一款反序列化注入天蝎内存马的工具
  • 2024hvv | 26套.NET系统漏洞威胁情报(08.16更新)
• 慢雾科技
  • Web3 安全入门避坑指南｜空投骗局
• vivo千镜
  • 聚焦｜ ISC2华南分会vivo专场：数字安全新纪元 大模型与Web3.0的实践探索 活动邀请函
• 中国信息安全
  • 聚焦 | 国家信息安全漏洞库漏洞技术研究联盟正式成立——强化漏洞治理生态，共筑网络安全防线
  • 聚焦 | 青马红客“精英训练营”开营仪式隆重举行，推动网络安全实战型人才培养新进程
  • 通知 | 财政部印发《会计信息化工作规范》（附全文）
  • 通知 | 财政部印发《会计软件基本功能和服务规范》（附全文）
  • 评论 | 防范人工智能风险要有安全阀
  • 前沿 | NLP技术在银行业应用中数据风险管控的建议
  • 关注 | 英国骚乱暴露网络自组织行动风险
  • 评论 | 网络空间不容“水军”横行
• 数世咨询
  • 2023年被盗的法律文档超过前5年之和
  • 直播预热：【安全先行者】威胁情报技术应用沙龙
• 关键基础设施安全应急响应中心
  • 一体化云原生安全防护体系研究
  • 英国一核设施曝出严重网络安全失误，已造成国家安全威胁
  • 私自用6000万用户数据训练大模型，马斯克面临大规模GDPR诉讼
• 安全牛
  • NIST发布全球首批后量子安全加密标准；GitHub突发全球性服务中断故障 | 牛览
  • 中东地区最受关注的100位网络安全领导者
• 极客公园
  • 游戏业务强势复苏，腾讯单季净利润超 470 亿元
  • 苹果 2026 年推桌面机器人；腾讯确认与苹果谈小游戏收入；极氪回应「改款风波」：下次提前预告｜极客早知道
• 落水轩
  • 自研大模型与开源大模型的应用思考
• 补天平台
  • “星推厂商”上线 | 奖金翻倍积分可达6倍！
• 嘶吼专业版
  • XCon2024 完整日程抢先路透！循变之旅，蓄力起航~
  • 黑客泄露 27 亿条个人信息资料
• 山石网科安全技术研究院
  • 2024年第四届山石CTF招新赛WP REVERSE&WEB篇
• NOVASEC
  • 谈谈 Windows Redis 高版本 RCE 及 重要提示
• 百度安全应急响应中心
  • 百度技术中台群组2025校招提前批热招中！！！
• CNCERT国家工程研究中心
  • 基于虚拟化的固件蓝牙协议漏洞挖掘框架设计
  • 荷兰黑客挖出了太阳能系统中的关键漏洞，成功利用可危及欧洲电网
  • 严重的SAP漏洞可让攻击者绕过身份验证破坏企业系统
• Qualys Security Blog
  • HHS OIG Report Underscores Challenges of Securing the Cloud
• Over Security - Cybersecurity news aggregator
  • NationalPublicData.com Hack Exposes a Nation’s Data
  • Microsoft removes FAT32 partition size limit in Windows 11
  • Five Key Takeaways from Flashpoint’s Black Hat USA 2024 Breakfast Briefing
  • Google to remove app from Pixel devices following claims that it made phones vulnerable
  • Ransomware gang deploys new malware to kill security software
  • AI, election security headline discussions at Black Hat and DEF CON
  • Google: Iranian hackers targeting affiliates of both US presidential campaigns
  • Tusk: unraveling a complex infostealer campaign
  • Microsoft disables BitLocker security fix, advises manual mitigation
  • Meta warns of troll networks from Russia, Iran ahead of US elections
  • Ransomware gangs rake in more than $450 million in first half of 2024
  • Microsoft shares temp fix for Outlook, Word crashes when typing
  • Russian citizen sentenced in US for selling stolen financial data on criminal marketplace
  • Doppelgänger operation rushes to secure itself amid ongoing detections, German agency says
• bellingcat
  • Easy AI: A Simplified Approach to Classifying Images with Off-the-Shelf AI Models
• TrustedSec
  • Oops I UDL'd it Again
• Beacon Tower Lab
  • 基于邮箱的域名欺骗攻击（利用解析器绕过访问控制）
  • 【0815】重保演习每日情报汇总
• Il Disinformatico
  • ANTEPRIMA Podcast RSI - Emily Pellegrini, l’influencer virtuale che virtuale non era; deepfake per una truffa da 25 milioni di dollari
• CNVD漏洞平台
  • Microsoft发布2024年8月安全更新
• 字节跳动技术团队
  • 基于 cwgo 代码生成工具的工程化实践
  • 用VUE3做个PDF动态合同表单（含编辑+渲染）
  • OpenAI 找回场子：chatgpt-4o-latest AI 模型多项跑分力压谷歌 Gemini 1.5 Pro
• Schneier on Security
  • NIST Releases First Post-Quantum Encryption Algorithms
• SANS Internet Storm Center, InfoCON: green
  • Wireshark 4.4.0rc1's Custom Columns, (Thu, Aug 15th)
  • ISC Stormcast For Thursday, August 15th, 2024 https://isc.sans.edu/podcastdetail/9098, (Thu, Aug 15th)
• Deep Web
  • I sometimes deeply regret posting to this sub...
  • Older torr story.
• Trend Micro Research, News and Perspectives
  • Rogue AI is the Future of Cyber Threats
• Blackhat Library: Hacking techniques and research
  • iPhone vulnerabilities
• netsecstudents: Subreddit for students studying Network Security and its related subjects
  • WebApp Pentest Vs. Network Pentest - Real World ?
  • F-1 visa rejected need suggestions on how to spend next 3 months before I can re apply for spring
• The Hacker News
  • SolarWinds Releases Patch for Critical Flaw in Web Help Desk Software
  • Russian-Linked Hackers Target Eastern European NGOs and Media
  • Identity Threat Detection and Response Solution Guide
  • RansomHub Group Deploys New EDR-Killing Tool in Latest Cyber Attacks
  • GitHub Vulnerability 'ArtiPACKED' Exposes Repositories to Potential Takeover
  • New Cyber Threat Targets Azerbaijan and Israel Diplomats, Stealing Sensitive Data
  • New Gafgyt Botnet Variant Targets Weak SSH Passwords for GPU Crypto Mining
• TorrentFreak
  • Cox Asks Supreme Court to Protect Internet Subscribers from ‘Piracy Terminations’
  • Kim Dotcom’s Extradition to the U.S. Given Green Light By New Zealand
• Your Open Hacker Community
  • Email spoofing trouble on Kali
  • How do I improve my Hydra input?
  • Researching CVEs
  • What is the purpose of having more octets in an IP that is allocated (if that's the right word) to the network rather than having more hosts?
  • Very easy hacking labs preferably on tryhackme
  • Breaking into an Android Phone
• The Register - Security
  • DARPA, ARPA-H award $14m to 7 AIxCC semifinalists, with a catch
  • Google raps Iran's APT42 for raining down spear-phishing attacks
  • Russian man who sold logins to nearly 3,000 accounts gets 40 months in jail
  • Mad Liberator extortion crew emerges on the cyber-crook scene
  • Over 40 million Kakao Pay users' data somehow ended up with Alipay
  • China-linked cyber-spies infect Russian govt, IT sector
• Krebs on Security
  • NationalPublicData.com Hack Exposes a Nation’s Data
• Palo Alto Networks Blog
  • Enabling the Safe Use of GenAI Applications
• Technical Information Security Content & Discussion
  • MSI motherboards susceptible to code execution & firmware implant - analysis of CVE-2024-36877
  • Inside the "3 Billion People" National Public Data Breach
  • New phishing technique using udl files
  • Mixing watering hole attacks with history leak via CSS
  • Entra Id security bypass
• Information Security
  • Soaring Cybersecurity Valuation: eSentire Weighs Sale at Nearly 7x Annual Revenue — Sources
  • Is this website legit?
• Security Affairs
  • A group linked to RansomHub operation employs EDR-killing tool EDRKillShifter
  • Google disrupted hacking campaigns carried out by Iran-linked APT42
  • Black Basta ransomware gang linked to a SystemBC malware campaign
  • A massive cyber attack hit Central Bank of Iran and other Iranian banks
• 不忘初心px1624
  • 看暴漫学越权6
• Securelist
  • Tusk: unraveling a complex infostealer campaign
• Computer Forensics
  • Have to Image 90 laptops- what would you do?
  • Disabling Defender while forensicating
  • Finding emails with modified chains
• 迪哥讲事
  • 如何用一种SQL注入姿势在src斩获30w+赏金？
• 360数字安全
  • Gartner最新报告！360“明星产品”搭载安全大模型战力领跑市场
• Deeplinks
  • 2 Fast 2 Legal: How EFF Helped a Security Researcher During DEF CON 32
  • EFF Honored as DEF CON 32 Uber Contributor